Node.js module that tells you when your package npm dependencies are out of date.
Getting Started
Install Node.js.
Install david:
cd /your/project/directory
npm install david
Use:
var david = require('david');
// Your package.json
var manifest = {
name: 'xxx',
dependencies: {
'aaa': '~0.0.0',
'bbb': '~0.0.0'
},
devDependencies: {
'yyy': '~0.0.0',
'zzz': '~0.0.0'
}
};
david.getDependencies(manifest, function (er, deps) {
console.log('latest dependencies information for', manifest.name);
listDependencies(deps);
});
david.getDependencies(manifest, { dev: true }, function (er, deps) {
console.log('latest devDependencies information for', manifest.name);
listDependencies(deps);
});
david.getUpdatedDependencies(manifest, function (er, deps) {
console.log('dependencies with newer versions for', manifest.name);
listDependencies(deps);
});
david.getUpdatedDependencies(manifest, { dev: true }, function (er, deps) {
console.log('devDependencies with newer versions for', manifest.name);
listDependencies(deps);
});
david.getUpdatedDependencies(manifest, { stable: true }, function (er, deps) {
console.log('dependencies with newer STABLE versions for', manifest.name);
listDependencies(deps);
});
david.getUpdatedDependencies(manifest, { dev: true, stable: true }, function (er, deps) {
console.log('devDependencies with newer STABLE versions for', manifest.name);
listDependencies(deps);
});
function listDependencies(deps) {
Object.keys(deps).forEach(function(depName) {
var required = deps[depName].required || '*';
var stable = deps[depName].stable || 'None';
var latest = deps[depName].latest;
console.log('%s Required: %s Stable: %s Latest: %s', depName, required, stable, latest);
});
}
Both getDependencies
and getUpdatedDependencies
return an object result,
whose keys are package names. The values are objects which contain the following properties:
required
- The version required according to the manifeststable
- The latest stable version availablelatest
- The latest version available (including build and patch versions)
CLI
If you install David globally with npm install -g david
, you can run david
in your project directory to see which dependencies are out of date.
You can also run david --global
to see your outdated global dependencies.
Update to latest
To update all your project dependencies to the latest stable versions,
and save to your package.json
, run:
david update
To update a particular project dependency to the latest stable version,
and save to your package.json
, run:
david update package-name
You can also update global dependencies to latest versions:
david update --global
To update all your project dependencies to the latest versions
(including unstable versions), pass the --unstable
flag:
david update --unstable
Alternate registry
david update --registry http://registry.nodejitsu.com/
Non-npm and SCM (Git) dependencies
If you have dependencies that are not published to npm, david will print a warning message by default. To throw an error and exit, pass the error404
option:
david --error404
If using david programmatically, pass error: {E404: true}
in the options object.
If you have dependencies whose versions are SCM URLs, david will print a warning message by default. To throw an error and exit, pass the errorSCM
option:
david --errorSCM
If using david programmatically, pass error: {ESCM: true}
in the options object.
Specify package.json path
Use -p, --package
to specify the path to your package.json.
Ignore dependencies
To tell david to ignore dependencies, add a david.ignore
property to your package.json
which lists the dependencies david should ignore. If using david programmatically you can also pass this as an option. Globs are also supported. e.g.
package.json
{
"david": {
"ignore": ["async", "underscore", "@types/*"]
}
}